Cisco Subnet An independent Cisco community View more

Defining F5's role in software defined networks

What, if any, is F5's role in the world of SDNs?

I think it’s fair to say that almost every vendor even remotely associated with the data center has tossed its hat in the software defined network (SDN) arena over the past few years. The goal here is to obviously ride the hype wave while the topic is red hot. I think it’s also fair to say that F5 Networks is one of the dominant data center vendors today with about 50% share in the Application Delivery Controller (ADC) market. So this raises a good question – what, if any, is F5’s role in the world of SDNs? I’ve had a number of my investor clients ask me about this recently, so I thought I’d summarize my thoughts here.

Before we get into F5 specifically, we should ask another question - is there a role for an ADC in an SDN? I’ve heard some speculation that the controller could actually subsume the ADC functionality and obviate the need for one. I’ve discussed this with a number of vendors involved in SDN and I believe the likelihood of an SDN controller replacing an ADC is about as likely as Tim Tebow becoming a Pro Bowl quarterback.

There are a couple of reasons I believe this. First, most SDNs controllers understand what’s happening at layer 2/3,  the network layers, but have very little knowledge of layers 4-7, the application layers. This is why one is a network controller and the other one is an application delivery controller. An SDN controller looks at the infrastructure from the bottom up through the lens of the network. An ADC sees the infrastructure from a top-down view – through the lens of applications. In theory, an SDN controller vendor could go off and try and build an SDN, but the products do different things. Almost all network traffic is stateless, whereas nearly all the traffic that runs through an ADC is stateful.

It’s my opinion that as SDNs mature, ADCs will play an important role. The goal of an SDN deployment should be to simplify and automate operational processes so IT can scale. It’s also important to understand that a software defined network isn’t just a switch, controller, or any product. It’s an architecture that includes network services but also higher-level services, such as load balancing, malware detection, application performance, web security, and a number of other services best handled in an ADC. A good way to think about the ADC is that it’s the SDN “controller” for layer 4-7 services where a traditional controller hands layer 2/3. Does this mean there will be multiple controllers? Sure, but that’s OK as there’s far too much domain knowledge required to expect a single controller to handle everything.

With regards to F5 specifically, the company does have a broad set of software defined application services (SDAS) today. BIG-IQ is an architecture for managing F5 SDAS elements and can be used to provide simplified abstractions to the control or orchestration plane. This can be useful when integrating a number of heterogeneous components. This is why the F5 Synthesis partner ecosystem is so broad today and is an SDN “whose who,” including Cisco, VMware, Big Switch, Arista, Oracle, Splunk, Rackspace, and the list goes on.

F5 is also one of the few vendors that’s playing both sides of the VMware/Cisco card. Clearly, the SDN wars are heading down a path where there’s a defined Cisco camp and VMware camp. F5 has managed to add value to both of those ecosystems, meaning no matter who wins the VMware/Cisco war, F5 wins. For example, F5 has something called iApps, which is a customizable framework for deploying various applications. There’s currently an iApp that enables customers to see APIC-FFIV integration through a single pane of glass.

The last arrow in the F5 quiver is iRules. For those not familiar with iRules, it’s a scripting tool used to develop custom features in an F5 ADC. As SDNs mature and the ecosystem broadens, iRules can be created to tie the various components together.  I’ve long felt that iRules is F5’s secret weapon and I don’t see why it would be any different in the world of SDNs.

So does F5 have a role in SDNs? Absolutely, similar to the role it plays in traditional networking, ADCs will be the “Rosetta stone” used to enable applications and the network to talk to one another. F5’s unique assets and go-to-market approach should enable it to keep its leadership position in the layer 4-7 markets.

From CSO: 7 security mistakes people make with their mobile device
Join the discussion
Be the first to comment on this article. Our Commenting Policies